CVE-2007-0215

2007-05-0918:00:00

[email protected]

web.nvd.nist.gov

cve-2007-0215

microsoft excel

buffer overflow

remote code execution

nvd

7.6 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

7.6 High

AI Score

Confidence

Low

0.78 High

EPSS

Percentile

98.3%

JSON

Stack-based buffer overflow in Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, and 2003 Viewer allows user-assisted remote attackers to execute arbitrary code via a .XLS BIFF file with a malformed Named Graph record, which results in memory corruption.

Affected configurations

NVD

Node

microsoftexcelMatch2000

microsoftexcelMatch2002

microsoftexcelMatch2003

microsoftexcelMatch2007

microsoftexcel_viewerMatch2003

microsoftofficeMatch2000sp3

microsoftofficeMatch2003sp2

microsoftofficeMatch2004mac

microsoftofficeMatch2007

microsoftofficeMatchxpsp3

CPENameOperatorVersion
microsoft:excelmicrosoft exceleq2000
microsoft:excelmicrosoft exceleq2002
microsoft:excelmicrosoft exceleq2003
microsoft:excelmicrosoft exceleq2007
microsoft:excel_viewermicrosoft excel viewereq2003
microsoft:officemicrosoft officeeq2000
microsoft:officemicrosoft officeeq2003
microsoft:officemicrosoft officeeq2004
microsoft:officemicrosoft officeeq2007
microsoft:officemicrosoft officeeqxp

CPE	Name	Operator	Version
microsoft:excel	microsoft excel	eq	2000
microsoft:excel	microsoft excel	eq	2002
microsoft:excel	microsoft excel	eq	2003
microsoft:excel	microsoft excel	eq	2007
microsoft:excel_viewer	microsoft excel viewer	eq	2003
microsoft:office	microsoft office	eq	2000
microsoft:office	microsoft office	eq	2003
microsoft:office	microsoft office	eq	2004
microsoft:office	microsoft office	eq	2007
microsoft:office	microsoft office	eq	xp